Flashback removal tool arrives for Mac OS X 10.5 Leopard
Apple has announced the release of a standalone Flashback malware removal tool for computers running Mac OS X 10.5 Leopard, even though the operating system is no longer officially supported. Like the security updates for 10.6 Snow Leopard and 10.7 Lion, the 1.23MB tool removes "most common variants of the Flashback malware", which reportedly infected more than 600,000 systems, exploiting flaws in earlier versions of Java. Read more...
Snow Leopard users most prone to Flashback infection
Of the Macs that have been infected by the Flashback malware, nearly two-thirds are running OS X 10.6, better known as Snow Leopard, a Russian antivirus company said Friday.
Doctor Web, which earlier this month was the first to report the largest-ever malware attack against Apple Macs, mined data it's intercepted from compromised computers to come up with its findings.
The company, along with other security vendors, has been "sinkholing" select command-and-control (C&C) domains used by the Flashback botnet -- hijacking them before the hackers could use the domains to issue orders or update their attack code -- to both estimate the botnet's size and disrupt its operation. Read more...
Flashback numbers not going down – still over half a million
Dr Web's estimate of Flashback infections
Source: Dr Web Initial reports of drops in the number of systems infected with the Flashback Mac malware are being corrected – the adjusted number is now back to around 550,000 systems. The corrections come after it was shown by Dr Web that one system among the various command and control IP addresses was halting bot scans. Flashback-infected machines randomly work through a generated range of different systems, connecting to each to check for commands. The blocking system meant that companies, like Dr Web, who set up their sinkhole servers earlier, so that they could estimate the number of infections, got to see more infected machines connecting, while sinkholes set up later saw fewer infected systems. Read more...
Free tool detects Flashback Mac malware pestilence
A Mac developer has posted a tool that detects a Flashback malware infection on Apple's computers.
The tiny tool -- it's just a 38KB download -- was created by Juan Leon, a software engineer at Garmin International, the Kansas-based company best known for its GPS devices.
Ars Technica first reported on Leon's FlashBack Checker.
The tool spots the malware by automating a tedious process first described by security firm F-Secure last month. F-Secure's procedure required entering multiple commands in Terminal, the Mac OS X command line utility. Read more...